QwikSec

Security Database

CVE

CWE

Training

CVE-2022-32545

Published: Jun 16, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

Vendor	Product	Versions
n/a	ImageMagick	affected `Fixed in ImageMagick 6.9.12-43, ImageMagick 7.1.0-28`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2091811

https://github.com/ImageMagick/ImageMagick/commit/9c9a84cec4ab28ee0b57c2b9266d6fbe68183512

https://github.com/ImageMagick/ImageMagick6/commit/450949ed017f009b399c937cf362f0058eacc5fa

[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.